APT Lazarus Targets Engineers with macOS Malware
2022-08-17 15:07

North Korean APT Lazarus is up to its old tricks with a cyberespionage campaign targeting engineers with a fake job posting that attempts to spread macOS malware.

The malware is similar to a sample discovered by ESET in May, which also included a signed executable disguised as a job description, was compiled for both Apple and Intel, and dropped a PDF decoy, researchers said.

The most recent malware is signed July 21, according to its timestamp, which means it's either something new or a variant of the previous malware.

Operation In(ter)ception also has a companion Windows version of the malware that drops the same decoy and was spotted Aug. 4 by Malwarebytes threat intelligence researcher Jazi, according to ESET. The malware used in the campaign also connects to a different command and control infrastructure than the malware discovered in May, https:[//]concrecapital[.

A similar campaign uncovered last year saw Lazarus impersonating defense contractors Boeing and General Motors and claiming to seek job candidates, only to spread malicious documents.

Changing It Up

However, more recently Lazarus has diversified its tactics, with the feds revealing that Lazarus also has been responsible for a number of crypto heists aimed at padding the regime of Jong-un with cash.


News URL

https://threatpost.com/apt-lazarus-macos-malware/180426/